netwrix / pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time
https://www.pingcastle.com

PingCastle execution causing "unsecure LDAP binding" audit event #264

Closed red-erik closed 1 month ago

red-erik commented 1 month ago

Hello, when we run PingCastle, we immediately receive a warning for an unsecure LDAP binding due to our monitoring on the LDAP Packet Signing Enforcement setting. Do you think it would be possible to change that?

The following client performed a SASL (Negotiate/Kerberos/NTLM/Digest) LDAP bind without requesting signing (integrity verification), or performed a simple bind over a clear text (non-SSL/TLS-encrypted)LDAP connection.

Regards, Red.

JoeDibley commented 1 month ago

Hi there, I don't think we can change this, I'm afraid, as it is part of the healthcheck. The A-DCLdapSign rule performs an actual check to detect whether it is actually enforced or not.

You can see more about the rule by searching A-DCLdapSign in the PingCastle rules located here.

red-erik commented 1 month ago

Hello, thanks for the clarification.

Regards, Red.
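For the monitoring side of this thread, the following is an added example (not PingCastle or Netwrix code, and not part of the original comments) that triages exported Directory Service events carrying the message quoted above, which Windows logs as event ID 2889, so binds from a known health-check host are reported separately from clients that still need fixing. The host addresses, account names, `SCANNER_HOSTS` allowlist and the `triage` helper are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
BIND_TYPES = {"0": "SASL bind without signing", "1": "simple bind over cleartext"}
# Assumption: the host(s) from which PingCastle health checks are run.
SCANNER_HOSTS = {"10.0.0.50"}

# Constructed sample of exported events (not real log data).
SAMPLE = """<Events xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<Event><System><EventID>2889</EventID><Computer>dc01.example.test</Computer></System>
<EventData><Data>10.0.0.50:50112</Data><Data>EXAMPLE\\auditor</Data><Data>0</Data></EventData></Event>
<Event><System><EventID>2889</EventID><Computer>dc02.example.test</Computer></System>
<EventData><Data>10.0.0.50:50140</Data><Data>EXAMPLE\\auditor</Data><Data>0</Data></EventData></Event>
<Event><System><EventID>2889</EventID><Computer>dc01.example.test</Computer></System>
<EventData><Data>10.0.0.21:49822</Data><Data>EXAMPLE\\svc-app</Data><Data>1</Data></EventData></Event>
<Event><System><EventID>2889</EventID><Computer>dc01.example.test</Computer></System>
<EventData><Data>10.0.0.33:61001</Data><Data>EXAMPLE\\svc-print</Data><Data>0</Data></EventData></Event>
<Event><System><EventID>2887</EventID><Computer>dc01.example.test</Computer></System>
<EventData><Data>3</Data><Data>1</Data></EventData></Event>
</Events>"""


def triage(xml_text, scanner_hosts=SCANNER_HOSTS):
    """Split event 2889 records into expected scanner binds and findings to fix."""
    expected, findings = Counter(), Counter()
    for ev in ET.fromstring(xml_text).iterfind("e:Event", NS):
        if ev.findtext("e:System/e:EventID", namespaces=NS) != "2889":
            continue  # only the per-client unsigned/cleartext bind event
        data = [d.text or "" for d in ev.iterfind("e:EventData/e:Data", NS)]
        if len(data) < 3:
            continue  # malformed record: skip rather than guess fields
        client, identity, bind = data[0], data[1], data[2]
        host = client.rsplit(":", 1)[0]  # drop the source port
        key = (host, identity, BIND_TYPES.get(bind, "unknown bind type " + bind))
        # Scanner binds are kept visible in their own bucket, not discarded.
        (expected if host in scanner_hosts else findings)[key] += 1
    return expected, findings


if __name__ == "__main__":
    expected, findings = triage(SAMPLE)
    for label, bucket in (("expected (scanner)", expected), ("needs fixing", findings)):
        for (host, identity, bind), count in sorted(bucket.items()):
            print(f"{label}: {host} {identity} {bind} x{count}")
```

Allowlisting by host also covers any other tool run from that host, so the scanner bucket is worth reviewing against the times the health check actually ran.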